Re: CRC32 vd MD5

> I'm no expert on hashing/error checking algorithms

Nor am I, but here goes...

> I'm afraid so please forgive me if the
> following is somewhat obvious...

Instant reactions to your question, and without reading the PDFs:

A CRC check is a very simple check originally designed to check the transmission of bit-serial data in an environment where there is a risk of noise affecting the data. The characteristics of such noise is that it tends to be "bursty", affecting short sequences of bits. A CRC check can be implemented cheaply in hardware when the data is in bit-serial form using "xor" gates and an n-bit shift register; in this case a 32-bit shift register. Given a bit sequence that has been changed it is sufficient to change no more than 32 bits elsewhere to compensate and get the shift register back into the state it would have had without the pair of corresponding changes. Given a disk image where there is likely to be a fair amount of "slack space" finding a location to form the "compensating" change is not difficult. Given that no more than 32 bits need to be changed, that the computations are fairly simple, and that the "slack space" is likely to be fairly close to the data that is changed and you have a situation where it is fairly easy to patch a disc image protected only be CRC32.

So, a CRC does what it's designed to do well; but it's only designed to check for *accidental* changes to the data. It *is* practical to intentionally modify data protected by a CRC.

A cryptographically strong hash functioin like the one used in MD5 is far harder to "crack". I can't really comment on just *how* much harder it is because I'm not an expert but all the advice is that it's very much stronger. The hash function is harder to compute (and hence takes more time); the hash value generated is longer so more trials have to be made in a "brute force" attack.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

We wouldn't use MD5 in password files if it was easy to crack; we wouldn't use CRC32 is password files if we were sane!

-- 
	David Pick


-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: 
http://aris.securityfocus.com